Commit 58aff0af authored by Will Deacon's avatar Will Deacon Committed by Al Viro

ipc/shm: Fix order of parameters when calling copy_compat_shmid_to_user

Commit 553f770e ("ipc: move compat shmctl to native") moved the
compat IPC syscall handling into ipc/shm.c and refactored the struct
accessors in the process. Unfortunately, the call to
copy_compat_shmid_to_user when handling a compat {IPC,SHM}_STAT command
gets the arguments the wrong way round, passing a kernel stack address
as the user buffer (destination) and the user buffer as the kernel stack
address (source).

This patch fixes the parameter ordering so the buffers are accessed
correctly.

Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarWill Deacon <will.deacon@arm.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent a90bcb86
...@@ -1237,7 +1237,7 @@ COMPAT_SYSCALL_DEFINE3(shmctl, int, shmid, int, cmd, void __user *, uptr) ...@@ -1237,7 +1237,7 @@ COMPAT_SYSCALL_DEFINE3(shmctl, int, shmid, int, cmd, void __user *, uptr)
err = shmctl_stat(ns, shmid, cmd, &sem64); err = shmctl_stat(ns, shmid, cmd, &sem64);
if (err < 0) if (err < 0)
return err; return err;
if (copy_compat_shmid_to_user(&sem64, uptr, version)) if (copy_compat_shmid_to_user(uptr, &sem64, version))
err = -EFAULT; err = -EFAULT;
return err; return err;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment